Help

Deploy and Configure Enterprise Connect 2.0.6 on Big Sur 11.5.2

lehose
New Contributor II

Posted on ‎09-01-2021 07:01 AM

Does anyone have any experience deploying/configuring Enterprise Connect to Big Sur using Jamf Pro?  Previous versions just worked by including the scripts that were created before my taking over of the task.  On Big Sur, the application installs without issues, but it does not configure the users file shares or password sync.  Anything to point me in the right direction would be appreciated.  Thanks!

0 Kudos
Reply
5 REPLIES 5

georgecm12
Contributor III

Posted on ‎09-01-2021 07:48 AM

I could be wrong, but I don't believe EC is supported under Big Sur. You should look to migrate to the Apple Kerberos Single Sign-on Extension.

0 Kudos
Reply

lehose
New Contributor II
In response to georgecm12

Posted on ‎09-01-2021 11:45 AM

Thanks for the reply.  I had thought that 2.0.6 was going to be the last version compatible with Big Sur, but I could be wrong.  I'll look further into the Kerberos SSO option.

0 Kudos
Reply

andrew_nicholas
Valued Contributor

Posted on ‎09-01-2021 11:51 AM

Big Sur is the last supported OS for the app and it does seem to behave oddly, and my primary issues have been with it recognizing network status but configurations are otherwise working as expected. Are the configuration profiles for it deploying correctly?

0 Kudos
Reply

lehose
New Contributor II
In response to andrew_nicholas

Posted on ‎09-01-2021 12:27 PM

I don't believe they are deploying correctly. After the actual install PKG runs, a post install pkg runs that contains the following script (I replaced the domain and server names)

----------------------------

#!/bin/bash

 

ecUser=$1

notifyDays=14

 

#Create tmp files to write LDAP info to

userInfo=`mktemp /tmp/userInfo.XXXXXX`

domainInfo=`mktemp /tmp/domainInfo.XXXXXX`

 

#Pull the info with ldapsearch

ldapsearch -LLL -H ldap://states.mnstate.edu -b "cn=users,dc=domainname,dc=edu" -s sub "(sAMAccountName=$ecUser)" > "$userInfo"

ldapsearch -LLL -H ldap://ldap.server.edu -b "dc=domainname,dc=edu" -s sub "(distinguishedName=DC=mnstate,DC=edu)" > "$domainInfo"

 

#Set the variables time calculations. Outputs LDAP time

pwdLastSetLDAP=`cat "$userInfo" | grep "pwdLastSet" | awk '{print $2}'`

domainPwdPolicyLDAP=`cat "$domainInfo" | grep "maxPwdAge" | awk '{print $2}' | sed 's/-//'`

let domainPwdPolicyDays=$domainPwdPolicyLDAP/10000000/60/60/24

 

#Convert times and calculate how many days to expiry

let pwdLastSetEpoch=($pwdLastSetLDAP/10000000)-11644473600

currentTimeEpoch=`date +"%s"`

let pwdExpires=$pwdLastSetEpoch+$domainPwdPolicyLDAP

let diffDay=($currentTimeEpoch-$pwdLastSetEpoch)/86400

let daysToExpiry=$domainPwdPolicyDays-$diffDay

 

echo "Days to Expiry" $daysToExpiry

 

if [ $daysToExpiry -le $notifyDays ]; then

echo "reset password at site"

osascript <<-EOF

try

tell application "Finder"

activate

tell application "Finder" to display dialog "Your password is going to expire. Please change your password." buttons {"Change Password", "Cancel"} default button 1

set x to button returned of result

if x is "Change Password" then

tell application "Safari"

activate

tell application "Safari" to open location "https://starid.mnscu.edu"

end tell

end if

end tell

end try

EOF

else

echo "Won't notify user"

fi

 

exit 0

----------------------------

 

All this was created prior to me taking this over.  In the past I've just replaced the install pkg on the policy with the new version and things just worked.  As far as the jamf.log output is goes, it believes everything was successful

0 Kudos
Reply

lehose
New Contributor II
In response to andrew_nicholas

Posted on ‎09-01-2021 01:05 PM

It doesn't look like any configuration profiles were created.  The PKG containing the configuration script completes without error in the jamf.log .  In the past I've just replaced the EC installer pkg on the policy with the latest package and left the configuration pkg alone.  That worked until Big Sur

0 Kudos
Reply